Red Hat Continues Public Sector Security Leadership

Partnership with Tresys Technology and additional Common Criteria evaluations reinforce Red Hat's commitment to IT security for public sector customers

RALEIGH, N.C -

Red Hat (NASDAQ: RHAT), the world's leading provider of open source, today announced at the 2nd Annual Red Hat Government User Conference that it has partnered with Tresys Technology to enhance the services backing Security-Enhanced Linux-based Red Hat Enterprise Linux and has enhanced its security evaluation program, reinforcing its commitment to IT security for public sector customers. Red Hat's commitment to security evaluations and innovation have long positioned the company as a leader in delivering secure, independently evaluated software to organizations in the public and private sectors. Recent Common Criteria evaluations bring the total number of independent security certifications to five for Red Hat Enterprise Linux across eight major hardware platforms.

Red Hat has partnered with Tresys Technology, a principal open source contributor to Security Enhanced Linux (SELinux), to deliver services for SELinux. Building upon their extensive open source technology and unmatched experience using SELinux to build secure systems, Tresys is developing a series of products that make it easier to use the power of SELinux. The partnership with Tresys will give Red Hat public sector customers the services they need to integrate SELinux and enhanced security functionality required to protect platforms at their core, using approaches such as Mandatory Access Control (MAC). The ability to be able to contain security breaches, significantly impacts the development of technology systems that meet public sector security needs.

"This is an important announcement which shows how both government and business can take security to the next level. As public sector agencies, along with the Department of Defense (DoD) and Intelligence Community, strive to deliver new solutions quickly and with enhanced functionality, compromised security is not an option," said Paul Smith, Red Hat's vice president of government operations.

"SELinux is the best security technology available," said Frank Mayer, President/CTO Tresys Technology. "This partnership with Red Hat enables us to expand the application of SELinux flexible mandatory access controls to greatly enhance the security of even more business applications. With this technology, government and business organizations can contain hackers, protect their assets and applications, and minimize damage by malicious users and programs."

Red Hat has also announced its continued commitment to security evaluation leadership through Common Criteria evaluations. Common Criteria is an internationally recognized set of guidelines (ISO/ISE 15408), which define a common infrastructure for IT security products. The standard consists of several predetermined assurance levels that the vendor can choose to be tested against, each one more stringent than the last. The evaluation process is rigorous and can take months or years to complete. Once achieved, Common Criteria certifications are mutually accepted by 21 countries, including the United States government, regardless of what country the product was validated in.

To date, Red Hat has successfully completed Common Criteria Evaluations at EAL3+/Controlled Access Protection Profile (CAPP) for the following products, in partnership with Hewlett Packard (HP): Red Hat Enterprise Linux v.4, Update 2 was evaluated on all Red Hat certified HP ProLiant Servers, HP Integrity Servers, HP Carrier Grade Servers, and HP Workstations. Also, Red Hat partnered with SGI for evaluation of Red Hat Enterprise Linux 4 on the SGI® Altix® server platform at EAL 3+/CAPP. All the evaluations were completed by atsec information security corporation and certified by the US National Information Assurance Partnership (NIAP).

In addition, Red Hat recently completed Common Criteria Evaluations, in partnership with IBM, at CAPP/EAL4 -- the highest level generally achieved by commercial software: Red Hat Enterprise Linux v.4 on six platforms including Red Hat Enterprise Linux WS on IBM xSeries, and Red Hat Enterprise Linux AS on IBM xSeries, iSeries, pSeries, zSeries, as well as Opteron-based systems. The evaluation was completed by atsec information security corporation and certified by NIAP.

Continuing Red Hat's dedication to the company's security evaluation program, both HP and IBM have submitted the upcoming Red Hat Enterprise Linux 5 for EAL 4+/CAPP, Labeled Security Protection Profile (LSPP) and Role-Based Access Controls (RBAC) evaluation.

"Government agencies are transforming the way they integrate, access and share information. As a recognized global standard, Common Criteria certification provides government agencies and commercial enterprises with proven third-party assurance that our solutions can meet the toughest demands of mission-critical security environments," said Smith. "As the federal government increases its use of solutions that are securely integrated, the importance of NIAP Common Criteria certification will continue to increase. With 5 certifications and 2 more evaluations underway, Red Hat has demonstrated commitment to delivering solutions that are supported and validated by rigorous international technology standards."

To learn more about the Red Hat's security road map and public sector solutions, please visit www.redhat.com/solutions/industries/government/.

About Red Hat, Inc.

Red Hat, the world's leading open source solutions provider, is headquartered in Raleigh, NC with satellite offices spanning the globe. CIOs and other senior-level IT executives have ranked Red Hat as the industry's most valued vendor for two consecutive years in the CIO Insight Magazine Vendor Value study. Red Hat is leading Linux and open source solutions into the mainstream by making high-quality, low-cost technology accessible. Red Hat provides an operating system platform, Red Hat Enterprise Linux, along with applications, management, and middleware solutions, including JBoss Enterprise Middleware Suite. Red Hat is accelerating the shift to service-oriented architectures and enabling the next generation of web-enabled applications running on a low-cost, secure open source platform. Red Hat also offers support, training and consulting services to its customers worldwide and through top-tier partnerships. Red Hat's open source strategy offers customers a long term plan for building infrastructures that are based on and leverage open source technologies with a focus on security and ease of management. Learn more: http://www.redhat.com

Forward-Looking Statements

Certain statements contained in this press release may constitute "forward-looking statements" within the meaning of the Private Securities Litigation Reform Act of 1995. Forward-looking statements provide current expectations of future events based on certain assumptions and include any statement that does not directly relate to any historical or current fact. Actual results may differ materially from those indicated by such forward-looking statements as a result of various important factors, including: risks related to the integration of acquisitions; the ability of the Company to effectively compete; the inability to adequately protect Company intellectual property and the potential for infringement or breach of license claims of or relating to third party intellectual property; risks related to data and information security vulnerabilities; ineffective management of, and control over, the Company's growth and international operations; adverse results in litigation; the dependence on key personnel as well as other factors contained in in our most recent Quarterly Report on Form 10-Q (copies of which may be accessed through the Securities and Exchange Commission's website at http://www.sec.gov), including those found therein under the captions "Risk Factors" and "Management's Discussion and Analysis of Financial Condition and Results of Operations". In addition, the forward-looking statements included in this press release represent the Company's views as of the date of this press release and these views could change. However, while the Company may elect to update these forward-looking statements at some point in the future, the Company specifically disclaims any obligation to do so. These forward-looking statements should not be relied upon as representing the Company's views as of any date subsequent to the date of the press release.

LINUX is a trademark of Linus Torvalds. RED HAT and JBOSS are registered trademarks of Red Hat, Inc. and its subsidiaries in the US and other countries.

  • About Red Hat
  • Red Hat is the world’s leading provider of open source software solutions, using a community-powered approach to reliable and high-performing cloud, Linux, middleware, storage and virtualization technologies. Red Hat also offers award-winning support, training, and consulting services. As the connective hub in a global network of enterprises, partners, and open source communities, Red Hat helps create relevant, innovative technologies that liberate resources for growth and prepare customers for the future of IT. Learn more at http://www.redhat.com.



  • Forward-Looking Statements
  • Certain statements contained in this press release may constitute "forward-looking statements" within the meaning of the Private Securities Litigation Reform Act of 1995. Forward-looking statements provide current expectations of future events based on certain assumptions and include any statement that does not directly relate to any historical or current fact. Actual results may differ materially from those indicated by such forward-looking statements as a result of various important factors, including: risks related to delays or reductions in information technology spending; the effects of industry consolidation; the ability of the Company to compete effectively; the integration of acquisitions and the ability to market successfully acquired technologies and products; uncertainty and adverse results in litigation and related settlements; the inability to adequately protect Company intellectual property and the potential for infringement or breach of license claims of or relating to third party intellectual property; the ability to deliver and stimulate demand for new products and technological innovations on a timely basis; risks related to data and information security vulnerabilities; ineffective management of, and control over, the Company’s growth and international operations; fluctuations in exchange rates; and changes in and a dependence on key personnel, as well as other factors contained in our most recent Quarterly Report on Form 10-Q (copies of which may be accessed through the Securities and Exchange Commission’s website at http://www.sec.gov), including those found therein under the captions "Risk Factors" and "Management’s Discussion and Analysis of Financial Condition and Results of Operations". In addition to these factors, actual future performance, outcomes, and results may differ materially because of more general factors including (without limitation) general industry and market conditions and growth rates, economic and political conditions, governmental and public policy changes and the impact of natural disasters such as earthquakes and floods. The forward-looking statements included in this press release represent the Company’s views as of the date of this press release and these views could change. However, while the Company may elect to update these forward-looking statements at some point in the future, the Company specifically disclaims any obligation to do so. These forward-looking statements should not be relied upon as representing the Company’s views as of any date subsequent to the date of this press release.